The H-AI Real Time module (CAP), using the predictive cyber attack database generated by H-PAR, continuously monitors the infrastructure to predict, attribute and stop attacks in real time. H-CAP dramatically reduces false positives, detects 0-day exploitation and finally neutralizes it.
H-CAP (Correlate, Attribute and Predict) implements continuous monitoring that proactively protects an infrastructure from ongoing attacks. The platform applies AI and big data techniques to fuse the information on current intrusions from intrusion sensors, SIEM and IDS with the information on attack paths that H-PAR proactively computes. The fusion produces information that enables a SOC to predict the next attacks, to anticipate the goal of ongoing attacks and to deploy dynamic countermeasures to minimize risk. Using H-CAP, a SOC can dynamically deploy countermeasures only when and if they are needed, minimizing both the risk and the security investment. H-CAP can also signal attackers that are exploiting 0-day vulnerabilities and suggest countermeasures to protect critical resources. Moreover, H-CAP, with its AI technology, drastically reduces the number of false positives, which are the Achilles heel of most SIEM/SOCs: there is too much information for a human being to analyze.